SQL Injection Attack and Method for Detection and Prevention in ASP.NET Web Applications

In this paper, the authors propose a technique, which uses runtime validation to detect the occurrence of such attacks, which evaluation methodology is general and adaptable to any existing system. There is a need to protect databases. In this paper, IDPS system is developed to analyze the values submitted by users through HTML forms and look for possible attack patterns. Once the system finds such a pattern, it blocks the attack and makes a record of the activity. If an attacker continues to pass such attack patterns, the system blocks access by this user altogether.